If you look at the link itself it does go to citi so my guess is this is a bug at citi website. The certificate was issued to Citi on 7/22/2010 valid for two years. So even though it is possible someone faked the certificate in light of latest hacking news, I will think it is unlikely your info is stolen or floating in cyberspace.